In the field of computer applications, when protecting computer startup or a client's access to a remote server, for example when a user starts a computer in normal mode, the general method of startup protection requires the user to enter a password to determine whether the user's identity is legitimate. If the user enters the correct password, the computer (or the remote server) regards the user as legitimate and permits the user to log in and access the computer. Generally, the password is set by the user. Theoretically, the user is the only one who knows the password. Therefore, the computer regards the user as legitimate if the user enters the password correctly.
However, the computer can only identify the digital identity of the user; all authentication of the user is performed against the user's digital identity. The real world, by contrast, is physical, and everyone has a unique physical identity. How to guarantee that the user operating the computer under a digital identity is the legitimate owner of that digital identity, that is, how to guarantee that the physical identity of the operator accords with the digital identity, is an important problem.
In the process of implementing the invention, the inventor found the following problems.
On the one hand, in the user name/password method described above, most users choose their own or a family member's birthday, or a telephone number, as the password so that it will not be forgotten. But such meaningful character strings are easily guessed by others. Alternatively, the user writes the password down in a place the user believes to be safe but which is actually unsafe, so the password is easily disclosed. Furthermore, when an illegitimate user logs in to the computer with the obtained password, the illegitimate user can transplant the hard disk into a computer without a password and replace the content of the hard disk so that the system starts normally. Therefore, the user name/password mode of identity verification described above has potential security threats.
On the other hand, the user name/password mode described above is a static-password verification mode. In use, static-password verification has many unsafe factors, which lead to password disclosure and illegitimate login. Therefore, static-password verification is a form of identity verification with potential security threats.
In short, in the prior art, the protection of computer startup has potential security threats that easily lead to password disclosure, and the security of the binding between the physical identity and the digital identity cannot be guaranteed.